The parts of a key?

Werner Koch wk at
Thu Dec 9 12:38:58 CET 2004

On Wed, 08 Dec 2004 16:47:05 -0700, Chris De Young said:

> Is efficiency the reason for using multiple keys, rather than using a
> single ElGamal key (really a single public/secret pair) for everything?

ElGamal is not really usable to create signatures.  We supported this
for a long time but eventually introduced a bug leading to a real
world secret key compromise.  Thus no more ElGamal signing keys.

The general reason for having 2 keys is a long standing cryptographic
caution to use one key only for one purpose - thus the concept of
subkeys to implement this.  The primary key needs to have a signing
capability only; whereas you may add any number of subkeys.  For
example, the OpenPGP card creates 2 subkeys: One for encryption and
one for authentication - again you see: a key per purpose.  Due to the
way OpenPGP is designed the primary key may be given for all purposes
and the software then looks out for an appropriate subkey for the task
to be done (i.e. signing, encryption or authentication (ssh)).



More information about the Gnupg-users mailing list